Badware purveyors trying to capitalize on the ongoing Pokémon Go frenzy have achieved an important milestone by sneaking their fake wares into the official Google Play marketplace, security researchers said Friday.

Researchers from antivirus provider Eset report finding at least three such apps in the Google-hosted marketplace. Of the three, the one titled "Pokemon Go Ultimate" posed the biggest threat because it deliberately locks the screen of devices immediately after being installed. In many cases, restarting an infected phone isn't enough to unlock the screen. Infected phones can ultimately be unlocked either by removing the battery or by using the Android Device Manager.

Once the screen has been unlocked and the device has restarted, the app—which by now has the title PI Network—is removed from the device's app menu. Still, it continues to run in the background and surreptitiously clicks on ads in an attempt to generate revenue for its creators.

"This is the first observation of lockscreen functionality being successfully used in a fake app that has landed on Google Play," Eset malware researcher Lukas Stefanko wrote in Friday's post. "It is important to note that from there it takes just one small step to add a ransom message and create the first lockscreen ransomware on Google Play."

Read more here http://goo.gl/0aTmQI